User's Manual
Appendix G Command Interpreter 273
BCM50a Integrated Router Configuration — Advanced
create selfsigned
<name>
<subject>
[key size]
Creates a self-signed local host certificate.
<name> specifies a descriptive name for the
generated certificate.
<subject> specifies a subject name (required) and
alternative name (required). The format is
“subject-name-dn;{ip,dns,email}=value". If the name
contains spaces, put it in quotes.
[key size] specifies the key size. It has to be an
integer from 512 to 2 048. The default is 1 024 bits.
create request
<name>
<subject>
[key size]
Creates a certificate request and saves it to the
router for later manual enrollment.
<name> specifies a descriptive name for the
generated certification request.
<subject> specifies a subject name (required) and
alternative name (required). The format is
"subject-name-dn;{ip,dns,email}=value". If the name
contains spaces, put it in quotes.
[key size] specifies the key size. It has to be an
integer from 512 to 2 048. The default is 1 024 bits.
create scep_enroll
<name> <CA
addr> <CA
cert> <auth
key>
<subject>
[key size]
Creates a certificate request and enrolls for a
certificate immediately online using SCEP protocol.
<name> specifies a descriptive name for the enrolled
certificate.
<CA addr> specifies the CA server address.
<CA cert> specifies the name of the CA certificate.
<auth key> specifies the key used for user
authentication. If the key contains spaces, put it in
quotes. To leave it blank, type "".
<subject> specifies a subject name (required) and
alternative name (required). The format is
"subject-name-dn;{ip,dns,email}=value". If the name
contains spaces, put it in quotes.
[key size] specifies the key size. It has to be an
integer from 512 to 2 048. The default is 1 024 bits.
Table 64 Certificates commands
Command Description